Alerts This Week
Warning Icon 1 646
Alerts This Week
Warning Icon 1 646

SUSE: Security Advisory 2012:0814-1 for Cobbler Remote Code Risks

suse
Calendar Grey July 3, 2012
Dist Suse Esm H88
SUSE reveals an urgent security patch for cobbler targeting a vulnerability that facilitates remote code execution, impacting several applications.
An update that fixes one vulnerability is now available

Summary

This update of cobbler fixes a remote code execution flaw which could have been exploited through cobbler's XMLRPC API (CVE-2012-2395). Security Issue references: * CVE-2012-2395 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Manager Client Tools for SLE 11 SP1: zypper in -t patch slesctsp1-cobbler-6378 - SUSE Manager 1.2 for SLE 11 SP1: zypper in -t patch sleman12sp1-cobbler-6378 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Manager Client Tools for SLE 11 SP1 (x86_64): koan-2.0.10-0.38.1 - SUSE Manager 1.2 for SLE 11 SP1 (x86_64): cobbler-2.0.10-0.38.1

Topics%20covered

Topics Covered

security advisory remote code execution patch important SUSE Manager cobbler SLE 11

References

#763610

Cross- CVE-2012-2395

Affected Products:

SUSE Manager Client Tools for SLE 11 SP1

SUSE Manager 1.2 for SLE 11 SP1

https://www.suse.com/security/cve/CVE-2012-2395.html

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2012:0814-1
Rating: important

Topics%20covered

Topics Covered

security advisory remote code execution patch important SUSE Manager cobbler SLE 11

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here